Debian Abcm2Ps vulnerabilities

CVE-2021-32435 [MEDIUM] CVE-2021-32435: abcm2ps - Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.... Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. Scope: local bookworm: resolved (fixed in 8.14.13-1) bullseye: open forky: resolved (fixed in 8.14.13-1) sid: resolved (fixed in 8.14.13-1) trixie: resolved (fixed in 8.14.13-1)

CVE-2021-32434 [MEDIUM] CVE-2021-32434: abcm2ps - abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function... abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam at draw.c. Scope: local bookworm: resolved (fixed in 8.14.13-1) bullseye: open forky: resolved (fixed in 8.14.13-1) sid: resolved (fixed in 8.14.13-1) trixie: resolved (fixed in 8.14.13-1)

CVE-2021-32436 [MEDIUM] CVE-2021-32436: abcm2ps - An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.1... An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. Scope: local bookworm: resolved (fixed in 8.14.13-1) bullseye: open forky: resolved (fixed in 8.14.13-1) sid: resolved (fixed in 8.14.13-1) trixie: resolved (fixed in 8.14.13-1)

CVE-2019-1010069 [MEDIUM] CVE-2019-1010069: abcm2ps - moinejf abcm2ps 8.13.20 is affected by: Incorrect Access Control. The impact is:... moinejf abcm2ps 8.13.20 is affected by: Incorrect Access Control. The impact is: Allows attackers to cause a denial of service attack via a crafted file. The component is: front.c, function txt_add. The fixed version is: after commit commit 08aef597656d065e86075f3d53fda89765845eae. Scope: local bookworm: resolved (fixed in 8.14.2-0.1) bullseye: resolved (fixed

CVE-2018-10753 [CRITICAL] CVE-2018-10753: abcm2ps - Stack-based buffer overflow in the delayed_output function in music.c in abcm2ps... Stack-based buffer overflow in the delayed_output function in music.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. Scope: local bookworm: resolved (fixed in 8.14.2-0.1) bullseye: resolved (fixed in 8.14.2-0.1) forky: resolved (fixed in 8.14.2-0.1) sid: resolved (fix

CVE-2018-10771 [CRITICAL] CVE-2018-10771: abcm2ps - Stack-based buffer overflow in the get_key function in parse.c in abcm2ps throug... Stack-based buffer overflow in the get_key function in parse.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. Scope: local bookworm: resolved (fixed in 8.14.2-0.1) bullseye: resolved (fixed in 8.14.2-0.1) forky: resolved (fixed in 8.14.2-0.1) sid: resolved (fixed in 8

CVE-2010-3441 [HIGH] CVE-2010-3441: abcm2ps - Multiple buffer overflows in abcm2ps before 5.9.12 might allow remote attackers ... Multiple buffer overflows in abcm2ps before 5.9.12 might allow remote attackers to execute arbitrary code via (1) a crafted input file, related to the PUT0 and PUT1 output macros; (2) a crafted input file, related to the trim_title function; and possibly (3) a long -O option on a command line. Scope: local bookworm: resolved (fixed in 5.9.13-0.1) bullseye: resolved (f

CVE-2010-4744 [HIGH] CVE-2010-4744: abcm2ps - Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have unknown impac... Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have unknown impact and attack vectors, a different issue than CVE-2010-3441. Scope: local bookworm: resolved (fixed in 5.9.22-1) bullseye: resolved (fixed in 5.9.22-1) forky: resolved (fixed in 5.9.22-1) sid: resolved (fixed in 5.9.22-1) trixie: resolved (fixed in 5.9.22-1)

CVE-2010-4743 [HIGH] CVE-2010-4743: abcm2ps - Heap-based buffer overflow in the getarena function in abc2ps.c in abcm2ps befor... Heap-based buffer overflow in the getarena function in abc2ps.c in abcm2ps before 5.9.13 might allow remote attackers to execute arbitrary code via a crafted ABC file, a different vulnerability than CVE-2010-3441. NOTE: some of these details are obtained from third party information. Scope: local bookworm: resolved (fixed in 5.9.22-1) bullseye: resolved (fixed in 5.9.

CVE-2004-1258 [CRITICAL] CVE-2004-1258: abcm2ps - Buffer overflow in the put_words function in subs.c for abcm2ps 3.7.20 allows re... Buffer overflow in the put_words function in subs.c for abcm2ps 3.7.20 allows remote attackers to execute arbitrary code via crafted ABC files. Scope: local bookworm: resolved (fixed in 4.8.5-1) bullseye: resolved (fixed in 4.8.5-1) forky: resolved (fixed in 4.8.5-1) sid: resolved (fixed in 4.8.5-1) trixie: resolved (fixed in 4.8.5-1)